Will request_uri get passed from cookieless server to 403 page on main server?

Detlef_R · November 17, 2013, 9:16pm

Migrating to a new server and thought I’d take the time to set up a
cookieless subdomain on it for static files.

In my current setup, 403 errors are sent to a php file which grabs the
$_SERVER[“REQUEST_URI”], locates the page of the photo on the site, and
redirects the person to that page so they see it in our context.

So now I’m going to set up static.example.com.

If I set the 403 error page to go to
error_page 403 http://www.example.com/dhe403.shtml;

in order to run the PHP on the 403 error, does the REQUEST_URI get
passed
between servers or do I have to do some rewrite magic that I currently
don’t do?

Thanks.

Ian_MSEvans · November 18, 2013, 1:21am

On 17/11/2013 3:16 PM, Ian M. Evans wrote:

error_page 403 http://www.example.com/dhe403.shtml;

in order to run the PHP on the 403 error, does the REQUEST_URI get passed
between servers or do I have to do some rewrite magic that I currently
don’t do?

Thanks.

Just trying to think this through on my own…is it possible to pass the
request_uri as a variable to the error page on the new server?

e.g.

error_page 403 http://www.example.com/dhe403.shtml?req=$request_uri;

Ian_MSEvans · November 19, 2013, 12:27am

On Sun, Nov 17, 2013 at 07:21:02PM -0500, Ian E. wrote:

On 17/11/2013 3:16 PM, Ian M. Evans wrote:

Hi there,

In my current setup, 403 errors are sent to a php file which grabs the
$_SERVER[“REQUEST_URI”], locates the page of the photo on the site, and
redirects the person to that page so they see it in our context.

So when a 403 would be generated, you intercept it, do some processing,
and return an appropriate 302 instead.

So now I’m going to set up static.example.com.

If I set the 403 error page to go to
error_page 403 http://www.example.com/dhe403.shtml;

in order to run the PHP on the 403 error, does the REQUEST_URI get passed
between servers or do I have to do some rewrite magic that I currently
don’t do?

No, it doesn’t.

That directive says “instead of sending a 403, send a 302 for this other
url”. What the browser does with that, is up to the browser.

Just trying to think this through on my own…is it possible to pass the
request_uri as a variable to the error page on the new server?

error_page 403 http://www.example.com/dhe403.shtml?req=$request_uri;

You can try. You may have to take care about url escaping, though.

(You can possibly avoid that if you use something like
…/dhe403.shtml/$request_uri and handle it appropriately on the far
side.)

It would seem easier to either proxy_pass or fastcgi_pass to the old
server, in an error_page 403 location on the new server, if you’re happy
to have that level of not-just-static involved (and not happy to run
the full php suite on the new server).

That way, the browser would get one redirect to the intended destination
instead of one to an intermediate location first.

f

Francis D. [email protected]

Ian_MSEvans · November 19, 2013, 10:14am

On 18/11/2013 6:26 PM, Francis D. wrote:

Thanks for your response.

(You can possibly avoid that if you use something like
…/dhe403.shtml/$request_uri and handle it appropriately on the far
side.)

Ok.

It would seem easier to either proxy_pass or fastcgi_pass to the old
server, in an error_page 403 location on the new server, if you’re happy
to have that level of not-just-static involved (and not happy to run
the full php suite on the new server).

That way, the browser would get one redirect to the intended destination
instead of one to an intermediate location first.

Just to clarify, the two “servers” are on same physical box with the
same document root, just migrating to a better host. So php is
installed. I’m just creating two server blocks so that the images will
be served on a cookieless sub-domain for web performance reasons, i.e.:

server {
server_name www.example.com;
…
}

server {
server_name static.example.com;
…
}

On the www block, I currently have this 403 block:

error_page 403 = /dhe403.shtml;
location = /dhe403.shtml {
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_cache off;
}

So I could add that to my static block as well?

Also, I’d have this “rewrite anything not static” location in the static
server:

if ($request_uri !~*
“.(gif|js|jpg|jpeg|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|mov)$”)
{
rewrite ^(.*) http://www.example.com$1 permanent;
break;
}

If I put the 403 location before it, will it still redirect any
non-static files EXCEPT for the dhe403.shtml?

Thanks!

Ian_MSEvans · November 19, 2013, 10:31am

On Tue, Nov 19, 2013 at 04:13:30AM -0500, Ian E. wrote:

On 18/11/2013 6:26 PM, Francis D. wrote:

Hi there,

Just to clarify, the two “servers” are on same physical box with the
same document root, just migrating to a better host. So php is
installed.

On the www block, I currently have this 403 block:

error_page 403 = /dhe403.shtml;
location = /dhe403.shtml {
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_cache off;
}

So I could add that to my static block as well?

Yes.

If that php is set to always return cookies, then you might want to
run a separate php-fpm that does not return cookies for the static
site. But that’s a side issue.

Also, I’d have this “rewrite anything not static” location in the static
server:

if ($request_uri !~*

“.(gif|js|jpg|jpeg|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|mov)$”)

{
rewrite ^(.*) http://www.example.com$1 permanent;
break;
}

That’s not a location. That’s an if() block.

If I put the 403 location before it, will it still redirect any
non-static files EXCEPT for the dhe403.shtml?

I believe that if() at server level gets tested before all locations –
but it shouldn’t be too hard to check.

Compare that output of “curl -i url” with what you want to see.

If it doesn’t work first time, perhaps putting the if() block inside a
“location /” and adjusting accordingly would do what you want.

f

Francis D. [email protected]

Ian_MSEvans · November 23, 2013, 6:56pm

On 19/11/2013 4:31 AM, Francis D. wrote:

If that php is set to always return cookies, then you might want to
run a separate php-fpm that does not return cookies for the static
site. But that’s a side issue.

Still experimenting with this…

What setting stops the php-fpm from not returning cookies?

Is it ‘fastcgi_ignore_headers’?

Thanks.

Ian_MSEvans · November 23, 2013, 10:04pm

On Sat, Nov 23, 2013 at 12:55:09PM -0500, Ian E. wrote:

On 19/11/2013 4:31 AM, Francis D. wrote:

Hi there,

If that php is set to always return cookies, then you might want to
run a separate php-fpm that does not return cookies for the static
site. But that’s a side issue.

Still experimenting with this…

What setting stops the php-fpm from not returning cookies?

By “return” here, I meant “generate a new one if the request did not
include one”.

It should be a php configuration, probably involving “session”, possibly
“session.use_cookies”.

Is it ‘fastcgi_ignore_headers’?

No, but you could probably “fastcgi_hide_header Set-Cookie;”, if your
fastcgi server insists on sending that header.

I don’t know if it is sufficient to try in nginx – Set-Cookie probably
comes with some “please do not cache” headers that you would want to
remove as well, if they aren’t otherwise needed.

f

Francis D. [email protected]

Ian_MSEvans · November 19, 2013, 10:47am

On 19/11/2013 4:31 AM, Francis D. wrote:

If that php is set to always return cookies, then you might want to
run a separate php-fpm that does not return cookies for the static
site. But that’s a side issue.

Will look into that. Thanks, hadn’t thought of it. Did a cursory glance
at Google and can’t see how just yet how to disable them.

That’s not a location. That’s an if() block.

I meant that…but it’s 4am here and I haven’t slept yet.